[英]Why does my Laravel policy always return false?
该政策的代码在这里:
class userOwnedClassPolicy
{
use HandlesAuthorization;
...
public function create(User $user)
{
return ($user->userType == 'teacher');
}
...
}
因此,此策略已在AuthServiceProvider.php
文件中注册:
class AuthServiceProvider extends ServiceProvider
{
//Map models to authorization policies.
protected $policies = [
App\Models\classMember::class => App\Policies\classMemberPolicy::class,
App\Models\evaluation::class => App\Policies\evaluationPolicy::class,
App\Models\group::class => App\Policies\groupPolicy::class,
App\Models\groupMember::class => App\Policies\groupMemberPolicy::class,
App\Models\sharedClass::class => App\Policies\sharedClassPolicy::class,
App\Models\slg::class => App\Policies\slgPolicy::class,
App\Models\spreadsheet::class => App\Policies\spreadsheetPolicy::class,
App\Models\spreadsheetValue::class => App\Policies\spreadsheetValuePolicy::class,
App\Models\teacher::class => App\Policies\teacherPolicy::class,
App\Models\test::class => App\Policies\testPolicy::class,
App\Models\userOwnedClass::class => App\Policies\userOwnedClassPolicy::class
];
public function boot()
{
$this->registerPolicies();
}
}
(我也尝试过使用文件路径的字符串来注册策略,但这没有任何效果。)
controller代码的相关部分在这里:
class ClassController extends Controller
{
...
public function store(Request $postReq)
{
$this->authorize('create', Auth::user());
userOwnedClass::create([
'name' => $postReq->input('className'),
'ownerId' => Auth::user()->id
]);
}
...
}
我尝试用return true
替换策略的create
方法中的代码,但即使这样也失败了。 我做错了什么,为什么 controller 在调用时总是返回 403 错误?
当您创建策略userOwnedClassPolicy
并将其设置为userOwnedClass
中的AuthServiceProvider
时:
App\Models\userOwnedClass::class => App\Policies\userOwnedClassPolicy::class
你不能只运行策略方法:
$this->authorize('create', Auth::user());
当您在上面运行此行时,您会告诉 - 检查\App\Models\User
object 的策略的create
方法,但您没有为此 model 创建任何策略。
所以在这种情况下,你应该像这样运行它:
$this->authorize('create', \App\Models\userOwnedClass::class);
然后 Laravel 将知道它应该从userOwnedClassPolicy
策略运行create
方法,它会自动将当前经过身份验证的用户传递给策略方法中的$user
变量。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.